On the 18th of July, WazirX, the country’s biggest cryptocurrency exchange was hit with a devastating hack that resulted in the theft of more than $235 Million in digital assets. The exchange confirmed the attack in a statement on X, formerly known as Twitter. After the attack, several different market crypto executives have cautioned the investors against a very high rate of volatility in the crypto market. The company has temporarily stopped all withdrawals of crypto as well as INR. 

The amount that was stolen by the hacker was nearly half of the crypto exchange’s total assets. “We’re aware that one of our ‘multisig’ wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused,” the company said in a statement. A ‘multisig’ is short for a multisignature wallet. A multisignature wallet is a type of crypto wallet which requires a transaction to have two or more signatures before it can be executed. 

Liminal custody, a platform managing WazirX’s wallets, stated that it had not fallen victim to the security breach. They also announced that preliminary investigations indicate the compromise of a self-custody multi-sig smart contract wallet created outside the Liminal ecosystem. The storage provider confirmed in a statement that their platform was not breached and their wallets, infrastructures and assets continued to remain safe. They also stated that all the WazirX wallets that were created on the platform continued to remain protected, and that all the malicious activities took place outside of the Liminal platform. 

Explaining the nature of the cyber-attack, WazirX revealed that the issue arose from a discrepancy between the data shown on Liminal’s interface and the actual contents of the transactions. During the attack, there was a mismatch between the information displayed on Liminal’s interface and the data that was actually signed. “We suspect the payload was replaced to transfer wallet control to an attacker,” the exchange noted.  

The exchange later said in a blog post detailing its preliminary findings, “This is a force majeure event beyond our control, but we are leaving no stone unturned to locate and recover the funds. We have already blocked a few deposits and reached out to concerned wallets for recovery. We are in touch with the best resources to help us in this endeavor. “ 

The exchange filed a police report and contacted the Indian Computer Emergency Response Team (CERT-In) earlier today. According to a transparency report from June, the stolen funds represent over 45% of its $500 million holdings. Crypto security firm Elliptic suggested that North Korean hackers seem to be responsible for the exploit. 

In December last year, the Financial Intelligence Unit (FIU) under the finance ministry issued show cause notices to VDA platforms such as Binance, the largest cryptocurrency exchange, and Kucoin for non-compliance with anti-money laundering laws. They also requested the Ministry of Electronics and Information Technology to block these platforms’ websites. Meanwhile, domestic crypto firms announced their efforts to establish a channel to facilitate the transfer of investments from offshore exchanges to local platforms for crypto investors.